Preventing Software Supply Chain Attacks with Feross Aboukhadijeh


Today’s software depends heavily on open source components, integrating numerous packages maintained by developers worldwide. This boosts innovation but also introduces significant supply chain risks, as attackers increasingly target popular libraries to spread malware broadly.

Feross Aboukhadijeh, founder and CEO of Socket, a security platform that shields software from open source supply chain attacks, joins Josh Goldberg to discuss his journey in open source, the nature of such attacks, practical security insights, the growing attack surface in software development, and other topics.

Josh Goldberg is a dedicated full-time open source developer specializing in the TypeScript ecosystem. He focuses on projects that assist developers in writing TypeScript more efficiently, most notably working on typescript-eslint: the tool enabling ESLint and Prettier for TypeScript code. Josh is an active contributor to open source projects like ESLint and TypeScript, recognized as a Microsoft MVP for developer technologies, and the author of the esteemed book Learning TypeScript (O’Reilly), a valuable resource for anyone wishing to understand TypeScript from a JavaScript background. Josh frequently conducts presentations and workshops at educational institutions, conferences, and meetups to share his expertise in TypeScript, static analysis, open source, and frontend and web development.
